How to use .htaccess against image hotlinkers and the Digg/Slashdot Effect

Are you paying for your bandwidth for your Internet site? Maybe it’s your blog? As much as you’d love to get Digg or the Slashdot effect, sometimes it’s not so pretty either. Here are a couple ways to use your .htaccess file to your advantage against having a unforeseen bandwidth barrage on your hosting provider. Believe us. They’ll love you too for it.
First you find out if your hosting provider can handle mod_rewrite on their .htaccess files. If so, then check the root of your website. If there isn’t one already, create a text file that has 644 permissions called .htaccess and we’ll begin with some fun little code conditions.

First if your file was already created, then check and see if you have:
Rewrite Engine On
If not, then put that line in at the top of the text file.
Then come the conditional effects. You can comment the .htaccess files by prefixing any line with the # sign. This makes your .htaccess easy to read for someone that might be modifying it for you later on.
# This is a commented text line
To protect yourself from Digg or Slashdot, put the next conditions in:
RewriteCond %{HTTP_USER_AGENT} !^CoralWebPrx
RewriteCond %{QUERY_STRING} !(^|&)coral-no-serve$
RewriteCond %{HTTP_REFERER} ^http://(www.)? [OR]
RewriteCond %{HTTP_REFERER} ^http://(www.)? [OR]
RewriteCond %{HTTP_REFERER} ^http://(www.)? [OR]
RewriteRule ^(.*)$$1 [R,L]

Replace the last line of the with the URL of your site. You can add more lines that cause a lot of traffic by adding similar lines and putting in the site names in the RewriteCond. The point of those conditions is that it redirects any site from say “” or “” to, which is a CoralCache page.
To prevent image hotlinkers, do the following:
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]

Replace with whatever your site URL would be. This prevents people from taking your images and direct linking to them and causing your bandwidth to dry up very quickly while they don’t use any of their bandwidth for the imaging. Hotlinkers are super bandwidth theft issues but there’s not much you can do about them except in this fashion.
To test it, try altlab’s hotlinker testing. If you don’t get the above, perhaps their tutorial will help you with your .htaccess in a better fashion.
In any case, that should prevent your host from getting whiplashed by Digg or Slashdot, and also save your precious bandwidth from getting chewed up by hotlinkers. There you go. Have fun.